On Linux MAINTAINERS file removal of Russian developers
83 comments
·October 26, 2024ajdlinux
MrHamburger
It looks like being oblivious from outsiders perspective, but people living in Russia have culture of being apolitical, because as long as you don't care about politics, politics (Russian Government) does not care about you.
That then leads to bizarre situations when Russia is waging full scale war and Russians are doing their best not to notice.
ajdlinux
The author of this blog post is German.
sligor
People should stop to use the term "Russian developers", this attracts a lot of people complaining about Russophobia (either innocently or not...)
They were removed NOT because of being Russian but because of their link to Russian state owned company (also, either legitimately or by mistake...)
comonoid
Some people was removed because their email domain name ends with .ru.
Just in case, while mail.ru domain belongs to VK (if I'm not wrong), it's a public email service like gmail.com.
protomolecule
[flagged]
gb12ayg
I find it sad that there are so many reductive comments here. The author of this article is very nuanced:
Should U.S. developers have been sanctioned over the Iraq war that was launched under false pretenses (non-existent WMD)?
Should company sanctions apply to individuals who happen to work for such a company?
Should the matter have been handled more gracefully than a stealthy removal from the MAINTAINERS file?
Has the culture of the Linux Kernel changed?
The culture has certainly changed, almost all big OSS projects have been captured and are essentially governed by corporations.
Perhaps Torvalds has been legally pressured, but 20 years ago he would have put up a fight at least. Back then everyone was proud that OSS could be used by anyone for anything. Now he attacks critics with the Russian troll meme. This is the worst of Torvalds I have seen so far.
So far, he does not seem to have any issues with exporting the Linux Kernel to Russia, which should also be prohibited by sanctions.
perihelions
- "exporting the Linux Kernel to Russia, which should also be prohibited by sanctions."
There's no export controls of non-commercial, non-ITAR software; such a thing would quickly run into a First Amendment wall. As PGP's Phil Zimmermann observed thirty years ago, you can always just print out your source code on paper and bind it as a book. Can the US government outlaw a book? Of course not.
- "In 1995, Zimmermann published the book PGP Source Code and Internals as a way to bypass limitations on exporting digital code. Zimmermann's introduction says the book contains "all of the C source code to a software package called PGP" and that the unusual publication in book form of the complete source code for a computer program was a direct response to the U.S. government's criminal investigation of Zimmermann for violations of U.S. export restrictions as a result of the international spread of PGP's use.[7]"
https://en.wikipedia.org/wiki/Phil_Zimmermann#Arms_Export_Co...
mdp2021
> Now he attacks critics with the Russian troll meme
You should really provide more grounds for stating that.
google_boy
One second to find using Google:
https://www.theregister.com/2024/10/23/linus_torvalds_affirm...
Quote in the middle of the article.
mdp2021
No, you misunderstood the statement. That article on the Register I had abundantly read when it came out.
The poster should show that that one sentence from Torvalds could be dismissed - we do not know exactly what interventions he called "trolls". Maybe they were, maybe they were not.
chikere232
At this point I kinda have to assume posts like these are just concern trolling and aren't really worth taking seriously
If it's genuinely naive, this is a great time to wake up to the fact that russia is conducting a war of conquest against a european country, and this is why they, and a bunch of companies associated with that, are being sanctioned. Why would any reasonable project try to circumvent such sanctions?
mdp2021
Also in other articles, it was not clear why those individuals were targeted, and it seemed it could be just because of the passport.
(It seems, from other sources, that it is because of their employer.)
sam_lowry_
Serge Semin who wrote the goodbye letter [1] worked for Baikal Electronics, a military contractor.
However, Baikal Electronics has been bancrupt for half a year, and he says he worked on the kernel as a volunteer lately.
I think Chinese COTS suppliers are more used by contemporary Russian army, but none sanctions them.
I can't really judge for the others, but in his case, the exclusion was either too late or totally unjustified.
mdp2021
> Why would any reasonable project try to circumvent such sanctions
Well, first they should be convinced that the sanction makes sense. It does not matter if it is the "law", an "order" or anything similar: you are responsible of what you do - including what you comply to.
Maybe it does make sense, maybe it does not: from the outside, with limited information about the original decree, it seems perplexing. Surely it raises questions.
For what your post is concerned, the war and the contributions to the Kernel do not have solid links between them - the jump from "there is a war" and "some contractors are inhibited contribution to the Linux kernel" is all to be justified. (The law is not a justification: the law requires justification.)
rightbyte
I guess Torwalds does not have much choice living in the US. But it is concerning.
> genuinely naive
I don't get this angle. My take is that 'naive' people believe they are the good guys. They emotionally rationalize when their tribe indirectly or directly drops bombs on children and get all worked up when a tribe their elders dislike do it. They are destablizing and part of the problem picture.
You could argue US sanctions are counterproductive and are dividing.
A 'people should work out their differences and be friends' is not naive. It is a 'ye the US and Russia more or less arbitrarily invade other countries from time to time. That is bad. Lets not get in the way'.
Noam Chomsky or Henry Kissinger would like a word with all these mental shenanigans.
mardifoufs
It's amazing that your comment talks about concern trolling while at the same time says: "it's time to wake up to the fact that russia is conducting a war of conquest.."
Yes, everyone knows that. The issue is how you could assert guilt by mere ownership of a passport. No sanction that I'm aware forbids any Russian national (even if say, living in Europe) from working on something. The cringy way Linus got the message out was also super weird. Trying to make the debate about something else is the concern trolling here.
lostmsu
Passport is insufficient to get sanctioned (including this case).
tharmas
Please see Prof John Mearsheimer regarding Ukraine.
mdp2021
What, of JM.? He has published much - some of quality and some weak.
None of what I read of him seems relevant.
tharmas
CONFIDENTIAL: WikiLeaks Document PROVES U.S. Knew NATO Expansion Would Cause Russia/Ukraine War: https://wikileaks.org/plusd/cables/08MOSCOW265_a.html
https://libertarianinstitute.org/dont-tread-on-anyone/nyet-n...
The USA provoked a War with Russia via Ukraine. The USA sees it in their strategic interests to "Knock down" Russia's "strength" back to what it was in the 1990s i.e. on their knees. Provoking a War via a proxy such as Ukraine was seen as the best way to do this. Mearsheimer argues that Russia is not an existential threat to American Hegemony so therefore expanding NATO into Ukraine to provoke a War is an unnecessary goal. He sees China as the real existential threat.
The USA is not 'defending" Ukraine because it cares about Ukraine. The situation in Gaza proves that the USA does not "care" about people at all, only what it sees as its strategic interests. The USA is using Israel as a proxy against Iran and Iranian backed "terrorists". The USA regards Israel as having similar strategic interests. And it can use Israel to do the "dirty work" while pretending that they "care" about human rites.
tharmas
Even in Obama's own book he states the reasons for Putin's motives regarding Ukraine: https://www.youtube.com/watch?v=OLqECnjJ7eU
sshine
[flagged]
sshine
Since I got downvoted:
I'm not saying their invasion of Ukraine isn't terrible.
I'm just not used to think of Ukraine and Russia as being European countries.
But they sure are on the European continent.
It just seems that Russians then get regarded as the outsiders when Russia is also a European country.
rightbyte
In my experience when most Europeans say 'Europe' or 'Europeans' they mean every country and nationality except their own.
chx
Apparently people working on open source are just looking for an excuse to pontificate. Same as with Bitwarden, simply raising the issue and then waiting a little for an answer is enough.
https://lore.kernel.org/lkml/e7d548a7fc835f9f3c9cb2e5ed97dfd...
> If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file.
That's all.
Both could've been handled better but there's no need to write ten thousand open source philosophy comments on the issue itself, bad articles and HN comments.
gizmondo
Try looking for NetUP in the sanction list, whose employees (including a former one who's actually working for Amazon) were removed. You won't find it. I'm surprised nobody called out James Bottomley on this bullshit answer.
mdp2021
> simpler [...] That's all
Actually it is not, because the confusion shifts to OFAC and the question becomes "why should people employed by companies under those identified by etc. be barred from contributing to the Linux Kernel".
chx
> why should people employed by companies under those identified by etc. be barred from contributing to the Linux Kernel
Because the OFAC literally prohibits a US person receiving anything at all from a sanctioned person.
Can't find the specific sanction but here's a typical sample from https://home.treasury.gov/news/press-releases/jy1102
> All transactions by U.S. persons or within (or transiting) the United States that involve any property or interests in property of designated or blocked persons are prohibited unless authorized by a general or specific license issued by OFAC, or exempt. These prohibitions include the [...] receipt of any contribution or provision of funds, goods, or services from any such person.
Note: for both "U.S. persons" and "blocked person" also consider corporate personhood. It's not just individual people. And so the Linux Foundation, Linus himself and every Linux user in the U.S. can't receive anything at all from the sanctioned so it's no wonder they needed to be excluded.
You are welcome to lobby the OFAC to carve out an exemption for open source contributions. Or the White House or the Congress, what do I know who has the authority to write such.
mdp2021
> Because the OFAC literally prohibits a US person receiving anything at all from a sanctioned person
That does not answer the question - it is circular. "Why does the low forbid X?" // "Because it is the law". [I mistyped 'law' as 'low'. I'll keep it.]
Of course the doubts are about whether that action makes sense.
throwaway13337
It's people that work for Russian state owned companies - not just Russians in general.
A lot of the discourse wants to muddy the water to make it sound like it is against all those of Russian background - it is not.
Russian people are not the Russian state. Blurring the lines only polarizes which, I imagine, is often the intent.
This article's framing is disingenuous.
joric
Are they though? Owning a mail.ru email doesn't mean anything, it's a public mail. Corporate email would be corp.mail.ru. They also banned a guy that lives in USA for 10+ years for netup.ru which is not even sanctioned. And a gmail guy, apparently for Baikal Electronics that went bankrupt an year ago (August 2023).
JSDevOps
What I don’t understand is there must be tonnes more Russian maintainers and contributors to this? What’s the score there?
perihelions
That's because the sanctioned entities are individual Russian companies on the OFAC list, not Russian citizens generally. All of the initial media reporting (speculation, really) turned out to be wrong (because of deliberate non-transparency on the part of Torvalds, in his public statements).
https://lwn.net/ml/all/7ee74c1b5b589619a13c6318c9fbd0d6ac7c3...
- "We finally got clearance to publish the actual advice: If your company is on the U.S. OFAC SDN lists, subject to an OFAC sanctions program, or owned/controlled by a company on the list, our ability to collaborate with you will be subject to restrictions, and you cannot be in the MAINTAINERS file."
joric
I am pretty sure they just grep'd mail.ru, added a couple of other sus entries and pushed the commit. It's painfully obvious if you take a look at the file https://github.com/torvalds/linux/blob/master/MAINTAINERS, there are no mail.ru addresses left (it's a public email service akin to gmail). The next day someone woke up Linus and told him to answer the public and he came up with the usual FU. That's basically all.
AndyMcConachie
If certain people cannot contribute to the Linux kernel because of a list maintained by the USG then perhaps it's time for Linux kernel development to no longer be dependent on US law.
We should realize this has nothing to do with Russia or the Russian government. This could happen with any country and any group of people. The USG is constantly expanding their sanctions regime. Thus, we need to ask ourselves the obvious question; Who will be next?
What I find perplexing and surprising are the people I see online cheering this on. The people who are happy that the USG is forcing Linux kernel devs to stop working with people. Why are some people so happy for Linus and crew to take orders from the USG's sanctions regime?
Where did the free as in freedom go?
sampo
> If certain people cannot contribute to the Linux kernel because of a list maintained by the USG then perhaps it's time for Linux kernel development to no longer be dependent on US law.
It is not only US-based organizations, but also people living in the US (and US citizens even if they don't live in the US) that have to follow the US law. Even if you set up the coordinating foundation in e.g. Switzerland, many Linux kernel maintainers would still live in US, probably not wanting to move to Switzerland.
Also, Switzerland is becoming less neutral and more EU-aligned. They are following most of the EU sanctions against Russia: https://www.admin.ch/gov/en/start/documentation/media-releas...
So you might have to find a different country than Switzerland. Brazil, Venezuela, Cuba? Of course, the most sure way to avoid needing to abide by sanctions against Russia, would be to set your headquarters in Russia.
chikere232
Sanctioning russia for invading ukraine isn't exactly an arbitrary power trip. Complying with such sanctions is the morally right thing to do here
mdp2021
First words of the post: «If certain people cannot contribute to the Linux kernel because of a list».
Issue is raised against the specifics (validity, effectiveness, sense) of possible sanctions.
John parks his car blocking your gate. Sanction A: you paint his car mauve. Sanction B: John's cousin is forbidden providing voluntary work. Sanction A and B are very different and some raise debate more than others.
(If you want a more "actual" example - though besides official governmental actions - there have been pressing debates whether athletes holding some passport can can compete in international games.)
perihelions
- "This could happen with any country and any group of people."
The OFAC SDN list once included the ICC (as diplomatic retaliation for ICC judges investigating US war crimes in Afghanistan),
https://www.bbc.com/news/world-us-canada-54003527 ("International Criminal Court officials sanctioned by US")
Morality aside, there's about zero legal process behind it: it's just a unilateral power of the executive. Any sitting president can do this to any non-American entity they want.
sligor
> If certain people cannot contribute to the Linux kernel
You don't need at all to be an official maintainer to contribute to Linux
krisoft
> This could happen with any country and any group of people.
And that is why it is a good idea to keep people who want to start a war of conquest out of power. So it doesn’t happen to your country and your people.
> Who will be next?
Whoever decides to murder their neighbhours.
instagraham
> Whoever decides to murder their neighbhours.
To what extent can most people actually move the needle of their government's actions?
As a thought experiment, consider a world where all Americans are banned from contributing to software projects because of the long and dismal history of US foreign policy - which involves murdering people so far from US borders as to make such murder fundamentally questionable at a national security level. While Americans protested the Vietnam and Iraq wars, these wars took place regardless. So how do you establish collective responsibility?
Does the fact that the protests took place make Americans immune from consequences? Or should it only matter if citizen movements can stop a government? In either case, you would find most of the G-20 responsible for some atrocity or the other.
The tragedy of the Russia situation is that it is a wholly unjust war, which should be penalised, but the logic and apparatus that would penalise it would also penalise most major nations. It is beyond the scope of HN to create a world order that would repair things. But just because the UNSC is broken, need not mean that the open source ecosystem be left to rot as well.
krisoft
> To what extent can most people actually move the needle of their government's actions?
I’m not unsimpathic to this argument. In wars innocent people gets hurt. Sometimes that means your name is removed from a text file, sometimes it means that your family is blown up in a missile attack. Either way the solution is the same: stop the war and take the troops home.
I’m not going to adress the textbook whataboutism line by line. Generaly i’m easy to convince that a lot more negative consequences should have followed a lot of attrocities. If you think you caught me in some contradiction by selecting examples then you are wrong.
mardifoufs
Ah yes, I'm waiting for the kernel to remove Israeli contributors any day now. Any contributor with an .il email is literally killing Lebanese children according your logic.
krisoft
> Any contributor with an .il email is literally killing Lebanese children according your logic.
I did not claimed that any kernel contributor is killing anyone. AndyMcConachie’s comment claimed that “This could happen with any country and any group of people.” As if the country in question was doing nothing and then suddenly bamm they were hit with sanctions. If you don’t see how ridiculous that is then there is nothing we can talk about.
phoe-krk
[flagged]
bubblesnort
When PGP couldn't be exported and OpenBSD had to set up camp in Canada, the same people who are upset now were silent then. The resistance back then was both clever and peaceful.
axpvms
My heart bleeds for the poor Russian military contractors
"I was under the naive assumption that it's individual developers who work together, and their employers do not really matter."
This assumption is not just naive but completely oblivious under normal circumstances, let alone in a discussion about sanctions regime compliance and risk management.